package cn.wolfcode.web.interceptor;

import cn.wolfcode.domain.Employee;
import cn.wolfcode.mapper.PermissionMapper;
import cn.wolfcode.qo.JsonResult;
import cn.wolfcode.service.IPermissionService;
import cn.wolfcode.util.RequirePermission;
import cn.wolfcode.util.UserContext;
import com.alibaba.fastjson.JSON;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.awt.*;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.logging.Handler;

public class PermissionInterceptor implements HandlerInterceptor {

    /*@Autowired
    private IPermissionService permissionService;*//*
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException {
        //1获取当前登录用户
        Employee employee = UserContext.getCurrentUser();
        //2是否是超级管理员
                //是,放行
        if (employee.isAdmin()){
                return true;
        }
                //不是->3
        //3获取当前要执行的方法(被拦截的方法)
        *//*if (handler instanceof HandlerMethod){
            HandlerMethod method = (HandlerMethod) handler;

        }*//*  //判断 强转 用于 前端控制器为 /
        HandlerMethod method = (HandlerMethod) handler;
        RequirePermission annotation = method.getMethodAnnotation(RequirePermission.class);

        //4判断是否贴有自定义注解
        if(annotation == null){
            //不是,放行
            return true;
        }
                //是->5
        //5获取方法的权限表达式
        String expression = annotation.expression();
        //6获取当前登录用户所拥有的权限表达式集合
        List<String> list = UserContext.getPermission();
        //7判断方法的权限表达式集合是否包含方法的权限表达式
        if (list.contains(expression)){
            //包含,放行
            return true;
        }
           //不包含,不放行,提示错误
           //判断是否有贴ResponseBody注解
        if (!method.hasMethodAnnotation(ResponseBody.class)){
            request.getRequestDispatcher("/WEB-INF/views/common/nopermission.ftl").forward(request, response);

        }else {
            //响应JSON数据
            JsonResult jsonResult = new JsonResult(false,"没有权限操作!");
            response.setContentType("application/json;charset=utf-8");
            response.getWriter().print(JSON.toJSONString(jsonResult));
        }

        return false;
    }*/
}
